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Reply to Office Action 

REMARKS 

The Examiner is thanked for the performance of a thorough search. 

Claims 1, 21, 25, and 29 have been amended. Claims 33-47 have been added. Claims 2, 
22, 26, and 30 have been canceled. Hence, Claims 1,3-21, 23-25, 27-29, and 31-47 are pending 
in the present application. 

Each issue raised in the Office Action mailed April 18, 2007 is addressed hereinafter. 
I. DRAWING AMENDMENT 

The Applicants respectfully request approval of the amendments to FIGs. 1 , 2, 3 A, and 
3B as depicted in the drawing sheets attached to this paper. For each of FIGs. 1, 2, 3 A, and 3B, 
included are a marked-up sheet labeled "Annotated Marked-up Drawing," and a replacement 
sheet labeled "Replacement Sheet" that depicts the respective figure as amended. 

The proposed changes to FIG. 1 include adding component " 118 VERIFICATION 
LOGIC" to network element 102. Verification logic 1 18 is described as part of network element 
102 in at least in paragraphs [0026] and [0027] of the specification as originally filed. Thus, no 
new matter is introduced by the proposed changes to FIG. 1 , which is merely conformed to the 
original specification. 

The proposed changes to FIG. 2 include correcting from "208" to "212" the reference 
numeral for the box labeled "APPLY CONFIGURATION DIRECTIVE(S) TO NETWORK 
ELEMENT." Reference numeral 212 (and not reference numeral 208) is described with respect 
to this box in paragraph [0054] of the specification as originally filed. Thus, no new matter is 
introduced by the proposed changes to FIG. 2, which is merely conformed to the original 
specification. 

The proposed changes to FIG. 3 A include adding reference numeral "301 A". Reference 
numeral 301 A is described with respect to FIG. 3A in paragraph [0055] of the specification as 
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originally filed. The proposed changes to FIG. 3B include adding reference numeral "301B". 
Reference numeral 301B is described with respect to FIG. 3B in paragraph [0060] of the 
specification as originally filed. Thus, no new matter is introduced by the proposed changes to 
FIGs. 3 A and 3B, which are merely conformed to the original specification. 

Consideration and entry of the drawing amendments to FIGs. 1, 2, 3 A, and 2B is 
respectfully requested. 

II. ISSUES RELATING TO THE CITED ART 
A. INDEPENDENT CLAIM 1 

Claim 1 was rejected under 35 U.S.C. § 102(e) as allegedly anticipated by Bosler, U.S. 
Patent Application Publication No. US 2005/0010757 ("BOSLER"). The rejection is respectfully 
traversed. 

Among other features, Claim 1 comprises the feature of: 

verifying that two or more digital signatures, from the one or more digital signatures, are 
valid and that two or more principals respectively associated with the two or 
more digital signatures have collective authority to perform the 
configuration directives on the host network element . 

BOSLER does not describe or suggest the above feature of Claim 1 . 

In paragraph [0058], BOSLER describes that a first node and a second node may 

establish a secure session by exchanging a management message that may be authenticated by a 

digital signature. Specifically, BOSLER describes that the first node and the second node may 

establish a secure session by mutual authentication using their respective public keys. (Paragraph 

[0058], lines 9-12.) The first node may send a management message to the second node 

(paragraph [0058], lines 7-9), where the management message may be signed by a digital 

signature generated by using the first node's private key (paragraph [0058], lines 13-17). 

Significantly, BOSLER describes that the second node verifies the authenticity of the sender (i.e. 
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the first node) by using the first node's public key on the digital signature included in the 
management message. (Paragraph [0058], lines 19-24.) 

Thus, at most BOSLER describes that a node may use a digital signature included in a 
management message to verify the authenticity of the message sender. However, verifying the 
authenticity of a sender based on a digital signature included in a message as described in 
BOSLER is not equivalent to the feature of Claim 1 of verifying that two or more principals 
respectively associated with the two or more digital signatures have collective authority to 
perform the configuration directives on the host network element . 

Further, neither paragraph [0058] nor any other paragraph of BOSLER describes or 
suggests that a management message may be signed with two or more digital signatures. Since 
BOSLER describes using a digital signature for the purpose of authenticating the sender, the 
sender does not need to send more than one signature in order to authenticate itself with the 
receiving node. In fact, BOSLER does not describe or suggest that a node may be assigned more 
than one private key, which means that in BOSLER a node CANNOT sign a management 
message with more than one digital signature. In contrast, Claim 1 features verifying that two or 
more digital signatures included in a received configuration information are valid and that two or 
more principals respectively associated with the two or more digital signatures have collective 
authority to perform configuration directives on a network element. 

For the above reasons, BOSLER does not describe or suggest all features of Claim 1 . 
Thus, Claim 1 is patentable under 35 U.S.C. § 102(e) over BOSLER. Reconsideration and 
withdrawal of the rejection of Claim 1 is respectfully requested. 

B INDEPENDENT CLAIM 8 

Claim 8 was rejected under 35 U.S.C. § 102(e) as allegedly anticipated by BOSLER. The 
rejection is respectfully traversed. 
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Among other features, Claim 8 comprises the features of: 

receiving configuration control information that includes a time period during which 
a valid digital signature is required for applying one or more particular 
configuration directives ; 

. . . , 

only when the date-time value is within the time period and the one or more 

configuration directives have not been previously received during the time 
period , attempting to verify the one or more digital signatures based on the 
trust information, and applying the configuration directives to a network 
element only when the one or more digital signatures are verified successfully. 

The Office Action asserts that the above features of Claim 8 are described in paragraphs [0071] 

and [0073] of BOSLER. This assertion is incorrect. 

In paragraph [0071], BOSLER states: 

The certification server 13 is arranged to receive a certificate-grant request and to 
issue the requested public-key certificate, provided that the time interval 
between the initialization time and the request time (i.e. the time when the 
certificate-grant request was received at the certification server 13) is within a 
maximum time interval 14 stored , for example, in the certification server 13. 
The time interval 14 is configurable by an authorized user, e.g. a network 
operator. In order to decide whether the certificate is granted, the certification 
server accesses the management information database 12 and recalls the stored 
initialization time for the managed node 4 from which the certificate-grant request 
was received. (Emphasis added.) 

The time interval described in the above paragraph is an interval within which a node must 

request a public key certificate. Significantly, a certificate server would grant a public key 

certificate to a node only if the node requests the certificate within a particular time interval after 

a management agent is initialized/installed on the node. (See also at least BOSLER, paragraph 

[0010]; paragraph [0073], lines 17-22.) Thus, the time interval described by BOSLER is used to 

determine whether or not a node would be granted a public key certificate. 

In contrast, Claim 8 includes the feature of receiving configuration control information 

that includes a time period during which a valid digital signature is required for applying one or 

more particular configuration directives . A time period during which a valid signature is 

required for applying a configuration directive on a network element (as featured in Claim 8) is 
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completely different from a time interval used to determine whether or not a node would be 
granted a public key certificate (as featured in BOSLER). 

Further, in paragraph [0058] BOSLER describes that a first node and a second node may 
establish a secure session by exchanging a management message that may be authenticated by a 
digital signature. However, BOSLER does not describe or suggest that a management message 
sent by the first node includes any time interval. In fact, there is absolutely nothing in BOSLER 
that describes or suggests that management messages exchanged between nodes may include any 
time intervals indicating that configuration operations specified in the messages can be applied 
on nodes only during these time intervals. In contrast, the time period featured in Claim 8 is 
used to determine whether verification of one or more digital signatures would be attempted and 
whether one or more configuration directives would be applied to a network element. 

For the above reasons, BOSLER does not describe or suggest all features of Claim 8. 
Thus, Claim 8 is patentable under 35 U.S.C. § 102(e) over BOSLER. Reconsideration and 
withdrawal of the rejection of Claim 8 is respectfully requested. 

C INDEPENDENT CLAIM 1 8 

Claim 18 was rejected under 35 U.S.C. § 102(e) as allegedly anticipated by BOSLER. 

Claim 18 includes features similar to the features of Claim 8 discussed above. Thus, 
Claim 18 is patentable under 35 U.S.C. § 102(e) over BOSLER for at least the reasons given 
above with respect to Claim 8. Reconsideration and withdrawal of the rejection of Claim 1 8 is 
respectfully requested. 

D. INDEPENDENT CLAIMS 21,25, AND 29 

Claims 21, 25, and 29 were rejected under 35 U.S.C. § 102(e) as allegedly anticipated by 
BOSLER. 
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Claims 21, 25, and 29 include features similar to the features of Claim 1 discussed above, 
except in the context of an apparatus and a computer-readable medium. Thus, Claims 21, 25, 
and 29 are patentable under 35 U.S.C. § 102(e) over BOSLER for at least the reasons given 
above with respect to Claim 1 . Reconsideration and withdrawal of the rejection of Claims 21, 25, 
and 29 is respectfully requested. 

E. DEPENDENT CLAIMS 3-7, 9-17, 19-20, 23-24, 27-28, AND 31-32 

Claims 3-7, 9-17, 19-20, 23-24, 27-28, and 31-32 were rejected under 35 U.S.C. § 102(e) 
as allegedly anticipated by BOSLER. 

Each of Claims 3-7, 9-17, 19-20, 23-24, 27-28, and 31-32 depends from one of 
independent Claims 1,8, 18, 21, 25, and 29, and thus includes each and every feature of the 
independent base claim. Thus, each of Claims 3-7, 9-17, 19-20, 23-24, 27-28, and 31-32 is 
allowable for at least the reasons given above for Claims 1, 8, 18, 21, 25, and 29. In addition, 
each of Claims 3-7, 9-17, 19-20, 23-24, 27-28, and 31-32 introduces one or more additional 
features that independently render it patentable. However, due to the fundamental differences 
already identified, to expedite the positive resolution of this case a separate discussion of those 
features is not included at this time. Therefore, it is respectfully submitted that Claims 3-7, 9-17, 
19-20, 23-24, 27-28, and 31-32 are allowable for the reasons given above with respect to Claims 
1, 8, 18, 21, 25, and 29. Reconsideration and withdrawal of the rejections of Claims 3-7, 9-17, 
19-20, 23-24, 27-28, and 31-32 is respectfully requested. 

F. NEW CLAIMS 33-47 

Each of new Claims 33-47 depends from one of independent Claims 21, 25, and 29, and 
thus includes each and every feature of the independent base claim. Thus, each of Claims 33-47 
is allowable for at least the reasons given above for Claims 21, 25, and 29. In addition, each of 
Claims 33-47 introduces one or more additional features that independently render it patentable. 
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However, due to the fundamental differences already identified, to expedite the positive 
resolution of this case a separate discussion of those features is not included at this time. 
Therefore, it is respectfully submitted that Claims 33-47 are allowable for the reasons given 
above with respect to Claims 21, 25, and 29. Consideration and allowance of Claims 33-47 is 
respectfully requested. 
III. CONCLUSION 

The Applicants believe that all issues raised in the Office Action have been addressed. 
Reconsideration of the present application is respectfully requested in light of the amendments 
and remarks herein. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

A petition for extension of time, to the extent necessary to make this reply timely filed, is 
hereby made. If applicable, a law firms check for the petition for extension of time fee is 
enclosed herewith. If any applicable fee is missing or insufficient, throughout the pendency of 
this application, the Commissioner is hereby authorized to charge any applicable fees and to 
credit any overpayments to our Deposit Account No. 50-1302. 



Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 



Dated: July \^ , 2007 




Stoycho D. Draganoff 
Reg. No. 56,181 



2055 Gateway Place, Suite 550 
San Jose, California 951 10-1089 
Telephone No.: (408) 414-1080 ext. 208 
Facsimile No.: (408) 414-1076 
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